package cn.yanglq.Rss.web.controller.userinfo;

import cn.yanglq.Rss.web.common.vo.ApiResult;
import cn.yanglq.Rss.web.controller.BaseController;
import cn.yanglq.Rss.web.service.UserService;
import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/**
 * Created by yanglq on 2017/6/13.
 */

@Controller
@RequestMapping("/updatepwd")
public class UpdatePwdController extends BaseController {
    @Autowired
    private UserService userService;

    @RequestMapping(value = "/update")
    @ResponseBody
    public ApiResult update(@RequestParam(value = "oldpassword", required = true) String oldpassword,
                            @RequestParam(value = "password", required = true) String password,
                            HttpServletRequest request, HttpSession httpSession) {
        ApiResult result = new ApiResult();
        String userid = findCurrentLoginid();
        String oldpwd = userService.selectUserByUserId(userid).getPasswd();
        if (!oldpwd.equals(DigestUtils.md5Hex(oldpassword))) {
            result.setSuccess(false);
            result.setErrorcode(110);
            result.setMessage("旧密码输入错误！");
            return result; //
        }
        userService.updatePassword(userid, DigestUtils.md5Hex(password));
        result.setSuccess(true);
        result.setErrorcode(0);
        result.setMessage("修改成功！");
        return result; //校验通过返回成功
    }
}
